Reporting
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Copy csv file to a shared location

ashrafshareeb
Path Finder
‎07-25-2019 07:36 AM

Hi All,

I have a user use-case which is to generate an csv file (we used | outputcsv ) and the file got generated in
/app/splunk/rel/var/run/splunk/csv/filename.csv. This file needs to be moved into a shared path like \location\of\shared\path

Is there a script to copy file from unix server to a shared drive, if there is any please do share. If it is not possible to copy to shared path please do let me know. I'm thinking of using it as alert action as script to call a script to copy once the .csv file gets generated.

Any suggestions!

0 Karma
Reply

vnguyen46
Contributor
‎04-22-2020 09:48 AM

Hi - I have the same need. Have you figured out how to make it work? Please share.
Thanks,

0 Karma
Reply

to4kawa
Ultra Champion
‎04-22-2020 02:08 PM

Try to make apps.
In apps, outputlookup make csv at $SPLUNK_HOME/etc/apps/appsname/lookups.

directory permition could be modified,I guess.

0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎07-25-2019 12:23 PM

As the documentation says, the outputcsv command will only write files in the one location. This is protect your system from rogue queries. If you need the CSV file in another location then you'll need to either create a shell script triggered by cron or a Splunk external command appended to your query (... | outputcsv filename.csv | script moveCSV). See "About writing custom search commands" at https://docs.splunk.com/Documentation/Splunk/7.3.0/Search/Aboutcustomsearchcommands.

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply
Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Dynamic formatting from XML events

This challenge was first posted on Slack #puzzles channelFor a previous puzzle, I needed a set of fixed-length ...

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

  🚀 Your data just got a serious AI upgrade — are you ready? Say hello to the Agentic Era with the ...

Stronger Security with Federated Search for S3, GCP SQL & Australian Threat ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...